IBM 2 Computer Hardware User Manual


 
CCA Release 2.54 PKA_Symmetric_Key_Generate
Format
CSNDSYG
return_code Output Integer
reason_code Output Integer
exit_data_length In/Output Integer
exit_data In/Output String exit_data_length bytes
rule_array_count Input Integer one, two, or three
rule_array Input String
array
rule_array_count * 8 bytes
key_encrypting_key_identifier Input String 64 bytes
RSA_public_key_identifier_length Input Integer
RSA_public_key_identifier Input String RSA_public_key_identifier_length
local_enciphered_key_identifier_length In/Output Integer
local_enciphered_key_identifier In/Output String
RSA_enciphered_key_token_length In/Output Integer
RSA_enciphered_key_token In/Output String RSA_enciphered_key_length
Parameters
For the definitions of the return_code, reason_code, exit_data_length, and exit_data
parameters, see “Parameters Common to All Verbs” on page 1-11.
rule_array_count
The rule_array_count parameter is a pointer to an integer variable containing
the number of elements in the rule_array variable. The value must be one,
two, or three for this verb.
rule_array
The rule_array parameter is a pointer to a string variable containing an array of
keywords. The keywords are eight bytes in length, and must be left-justified
and padded on the right with space characters. The rule_array keywords are
shown below:
Keyword Meaning
Key-formatting method (one required)
PKCSOAEP Specifies the PKCS#1-V2.0 OAEP method of key
encipherment for DATA keys.
PKCS-1.2 Specifies the PKCS #1, block type 2 method of key
encipherment for DATA keys. In the RSA PKCS #1 v2.0
standard, RSA terminology describes this as the
RSAES-PKCS1-v1_5 format.
ZERO-PAD Specifies the pad-with-zero-bits-to-the-left method of key
encipherment for DATA keys.
PKA92 Specifies the PKA92 method of key encipherment for
key-encrypting keys.
NL-EPP-5 Specifies the NL-EPP-5 process of key encipherment for
key-encrypting keys. See “Encrypting a Key_Encrypting Key
in the NL-EPP-5 Format” on page C-16.
Key length (optional use with PKA92 or NL-EPP-5)
SINGLE-R For key-encrypting keys, specifies that a generated
key-encrypting key is to have equal left and right halves and
thus perform as a single-length key. Otherwise, the two
key-halves will be independent random values.
Chapter 5. DES Key-Management 5-83